public class PKCS7
extends java.lang.Object
SignedData
ContentInfo
type, where to the type of data signed is plain Data.
For signedData, crls
, attributes
and
PKCS#6 Extended Certificates are not supported.Modifier and Type | Field and Description |
---|---|
static java.lang.String |
FOOTER |
static java.lang.String |
HEADER |
Constructor and Description |
---|
PKCS7(AlgorithmId[] digestAlgorithmIds,
ContentInfo contentInfo,
java.security.cert.X509Certificate[] certificates,
SignerInfo[] signerInfos)
Construct an initialized PKCS7 block.
|
PKCS7(byte[] bytes)
Unmarshals a PKCS7 block from its encoded form, parsing the
encoded bytes.
|
PKCS7(DerInputStream derin)
Unmarshals a PKCS7 block from its encoded form, parsing the
encoded bytes from the DerInputStream.
|
PKCS7(java.io.InputStream in)
Unmarshals a PKCS7 block from its encoded form, parsing the
encoded bytes from the InputStream.
|
PKCS7(java.lang.String input)
Unmarshals a PKCS7 block from PEM format.
|
Modifier and Type | Method and Description |
---|---|
void |
encodeSignedData(DerOutputStream out)
encode signed data, sort certs by default.
|
void |
encodeSignedData(DerOutputStream out,
boolean sort)
Encodes the signed data to a DerOutputStream.
|
void |
encodeSignedData(java.io.OutputStream out)
Encodes the signed data to an output stream.
|
void |
encodeSignedData(java.io.OutputStream out,
boolean sort)
Like method above but not sorted.
|
byte[] |
getBytes() |
java.security.cert.X509Certificate |
getCertificate(BigInt serial,
X500Name name)
Returns the X.509 certificate listed in this PKCS7 block
which has a matching serial number and Issuer name, or
null if one is not found.
|
java.security.cert.X509Certificate[] |
getCertificates()
Returns the X.509 certificates listed in this PKCS7 block.
|
ContentInfo |
getContentInfo()
Returns the content information specified in this PKCS7 block.
|
AlgorithmId[] |
getDigestAlgorithmIds()
Returns the message digest algorithms specified in this PKCS7 block.
|
SignerInfo[] |
getSignerInfos()
Returns the signer's information specified in this PKCS7 block.
|
BigInt |
getVersion()
Returns the version number of this PKCS7 block.
|
java.lang.String |
toPEMString() |
java.lang.String |
toString()
Returns the PKCS7 block in a printable string form.
|
SignerInfo[] |
verify()
Returns all signerInfos which self-verify.
|
SignerInfo[] |
verify(byte[] bytes)
Returns all signerInfos which self-verify.
|
SignerInfo |
verify(SignerInfo info,
byte[] bytes)
This verifies a given SignerInfo.
|
public static final java.lang.String HEADER
public static final java.lang.String FOOTER
public PKCS7(java.io.InputStream in) throws ParsingException, java.io.IOException
in
- an input stream holding at least one PKCS7 block.ParsingException
- on parsing errors.java.io.IOException
- on other errors.public PKCS7(DerInputStream derin) throws ParsingException
derin
- a DerInputStream holding at least one PKCS7 block.ParsingException
- on parsing errors.public PKCS7(byte[] bytes) throws ParsingException
bytes
- the encoded bytes.ParsingException
- on parsing errors.public PKCS7(java.lang.String input) throws ParsingException, java.io.IOException
input
- the PKCS7 block in PEM format.ParsingException
- on parsing errors.java.io.IOException
public PKCS7(AlgorithmId[] digestAlgorithmIds, ContentInfo contentInfo, java.security.cert.X509Certificate[] certificates, SignerInfo[] signerInfos)
digestAlgorithmIds
- the message digest algorithm identifiers.contentInfo
- the content information.certificates
- an array of X.509 certificates.signerInfos
- an array of signer information.public void encodeSignedData(java.io.OutputStream out) throws java.io.IOException
out
- the output stream to write the encoded data to.java.io.IOException
- on encoding errors.public void encodeSignedData(java.io.OutputStream out, boolean sort) throws java.io.IOException
java.io.IOException
public void encodeSignedData(DerOutputStream out) throws java.io.IOException
java.io.IOException
public void encodeSignedData(DerOutputStream out, boolean sort) throws java.io.IOException
out
- the DerOutputStream to write the encoded data to.java.io.IOException
- on encoding errors.public SignerInfo verify(SignerInfo info, byte[] bytes) throws java.security.NoSuchAlgorithmException, java.security.SignatureException
info
- the signer information.bytes
- the DER encoded content information.java.security.NoSuchAlgorithmException
- on unrecognized algorithms.java.security.SignatureException
- on signature handling errors.public SignerInfo[] verify(byte[] bytes) throws java.security.NoSuchAlgorithmException, java.security.SignatureException
bytes
- the DER encoded content information.java.security.NoSuchAlgorithmException
- on unrecognized algorithms.java.security.SignatureException
- on signature handling errors.public SignerInfo[] verify() throws java.security.NoSuchAlgorithmException, java.security.SignatureException
java.security.NoSuchAlgorithmException
- on unrecognized algorithms.java.security.SignatureException
- on signature handling errors.public BigInt getVersion()
public AlgorithmId[] getDigestAlgorithmIds()
public ContentInfo getContentInfo()
public java.security.cert.X509Certificate[] getCertificates()
public SignerInfo[] getSignerInfos()
public java.security.cert.X509Certificate getCertificate(BigInt serial, X500Name name)
serial
- the serial number of the certificate to retrieve.name
- the Distinguished Name of the Issuer.public byte[] getBytes() throws java.io.IOException
java.io.IOException
public java.lang.String toPEMString() throws java.io.IOException
java.io.IOException
public java.lang.String toString()
toString
in class java.lang.Object